The "WireLurker" malware can install third-party
applications on regular, non-jailbroken iOS devices and hop from
infected Macs onto iPhones through USB connector-cables, said
Ryan Olson, intelligence director for the company's Unit 42
Palo Alto Networks said on Wednesday it had seen indications
that the attackers were Chinese. The malware originated from a
Chinese third-party apps store and appeared to have mostly
affected users within the country.
The malware spread through infected apps uploaded to the apps
store, that were in turn downloaded onto Mac computers.
According to the company, more than 400 such infected apps had
been downloaded over 350,000 times so far.
It's unclear what the objective of the attacks was. There is no
evidence that the attackers had made off with anything more
sensitive than messaging IDs and contacts from users' address
books, Olson added.
But "they could just as easily take your Apple ID or do
something else that's bad news," he said in an interview.
Apple, which Olson said was notified a couple weeks ago, did not
respond to requests for comment on Wednesday.
Once WireLurker gets on an iPhone, it can go on to infect
existing apps on the device, somewhat akin to how a traditional
virus infects computer software programs. Olson said it was the
first time he had seen it in action. "It's the first time we've
seen anyone doing it in the wild," he added.
(Reporting By Sai Sachin R in Bangalore; Editing by Saumyadeb
Chakrabarty and Cynthia Osterman)
[© 2014 Thomson Reuters. All rights
Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.